It goes without saying that the rate of foreign devices accessing guest wireless networks is on the rise, thanks to growing trends in mobility and smart devices. Guest users expect to be provided with access to your wireless network, and bring along with them a host of potential security threats. Naturally, the key to mitigating these threats is managing their access to your guest wireless network. But how do you manage such an endeavour when faced with the overwhelming wave of new devices wanting network access?
NAC, naturally.
NAC, or network access control, is a solution that assists network administrators to monitor compliance and enforce adherence to security protocols when evaluating and allowing devices on your guest wireless network. It’s the key to ensuring certain criteria are met by an endpoint device, such as a laptop or tablet, when it attempts to connect to the network.
Its goals are simple - manage user identities and access, ensure enforcement of user policy and lower the threat of potential attacks.
How Does NAC Secure a Guest Wireless Network?
-
Devices attempting to connect to a guest network are quarantined, or prevented from gaining access, normally using a captive portal.
-
These devices are scanned to ascertain whether they are running an updated version of antivirus software.
-
If they are compliant, the user may be granted network access, potentially via a click-through or login splash page. Often their device may be whitelisted, meaning granted access for a predefined period, after which a rescan may be performed to assess the device once more.
-
Alternatively, if the device is found to be non-compliant, then the user may be redirected to a remediation site within a walled garden, advising them to update their antivirus software, or download it if they haven’t got one.
-
Once the user has remedied the situation, their device is scanned again, and they may be granted access to the guest wireless network.
What else can it do?
The usefulness of NAC solutions extends beyond endpoint device management. A good NAC solution allows for better monitoring of who is using your network, and how. Network traffic analysis, device and operating system fingerprinting, event-logging and user visibility are all features a NAC solution may provide, affording the opportunity for companies to obtain detailed reports on their guest network’s usage overall. In addition, NAC solutions also allow for content-filtering and guest user account management, making it a valuable asset for any business offering a guest wireless network.
Why should this matter to your business?
Besides the obvious benefits of its functionality, NAC has come a long way. Pricing has become much more accessible over the last 3 years, and whereas previous NAC solutions may have been appliance-based, current solutions are often delivered as a module or add-on to an existing security appliance, such as an ASA (adaptive security appliance). So it's simpler and easier than ever before to implement and utilise NAC to your guest network's best advantage.
Photo credit: NEC Corporation of America via photopin cc
